2023第十四届极客大挑战 — CRYPTO(WP全)

灌篮少年  金牌会员 | 2024-1-16 16:27:19 | 来自手机 | 显示全部楼层 | 阅读模式
打印 上一主题 下一主题
楼主

主题 831|帖子 831|积分 2493

浅谈:
本次大挑战我们队伍也是取得了第一名的成绩,首先要感谢同伴的陪伴和帮助。在共同的努力下终不负期望!
但遗憾的是我们没有在某个方向全通关的,呜呜呜~ 继续努力吧!要学的还很多。明年有机会再战!!加油!
Crypto方向题解:来自本人

第一波题目

SignIn

1、题目信息
  1. Bibo...Hello! 你好! こんにちは! Привет! 5359437b48656c6c6f5f576f726c645f43727970746f5f6269626f6269626f7d…  Hmm... Something goes wrong with my grettings bot.
复制代码
2、解题方法
看到HEX编码
  1. 5359437b48656c6c6f5f576f726c645f43727970746f5f6269626f6269626f7d
复制代码
直接解

proof_of_work

1、题目信息
  1. 题目链接:nc ... Build your own function to solve proof_of_work!
复制代码
2、解题方法
连接靶机得到
  1. sha256(XXXX+YMBlFIGoaFZ1Z24P) == 77aeea7731a49f8bc37099419177dc7b51d8941a4c7213c76ad7b4466f35f050
  2. Give me XXXX:
复制代码
缺少前四位,哈希碰撞,简单的
exp:
  1. import hashlib
  2. dic = 'abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ'
  3. for a in dic:
  4.     for b in dic:
  5.         for c in dic:
  6.             for d in dic:
  7.                 t =str(a)+str(b)+str(c)+str(d)+'YMBlFIGoaFZ1Z24P'
  8.                 m = (hashlib.sha256(t.encode())).hexdigest()
  9.                 if m[:64] == '77aeea7731a49f8bc37099419177dc7b51d8941a4c7213c76ad7b4466f35f050':
  10.                    print(t)
  11.                    break
复制代码
  1. eri8YMBlFIGoaFZ1Z24P
复制代码
输入即可
  1. Right!
  2. Congrats! Your flag is: SYC{st3p_1nt0_1nter4ctive_Crypt0graphy}
复制代码
SimpleRSA

1、题目信息
  1. So simple RSA! Wait... Are you kidding me? https://en.wikipedia.org/wiki/RSA_(cryptosystem)
复制代码
  1. import gmpy2
  2. from Crypto.Util.number import *
  3. flag = b"SYC{Al3XEI_FAKE_FLAG}"
  4. assert len(flag) == 35
  5. p,q = [getPrime(2048) for _ in "__"]
  6. n = p*q
  7. e = 65537
  8. c = gmpy2.powmod(bytes_to_long(flag),e,n)
  9. print(p)
  10. print(c)
  11. #24724324630507415330944861660078769085865178656494256140070836181271808964994457686409910764936630391300708451701526900994412268365698217113884698394658886249353179639767806926527103624836198494439742123128823109527320850165486500517304731554371680236789357527395416607541627295126502440202040826686102479225702795427693781581584928770373613126894936500089282093366117940069743670997994742595407158340397268147325612840109162997306902492023078425623839297511182053658542877738887677835528624045235391227122453939459585542485427063193993069301141720316104612551340923656979591045138487394366671477460626997125944456537
  12. #510345661718450375632304764819724223824018609359964259503762283253350010161515190912152623604019093266967095847334388281390406831587663253164256543905694021952211220652820225527413861208452760215767828927039893435528572148282529198773772864255061213208279999011194952146362748485103032149806538140693537361755210176698895104708379400806511907719904867068865970241208806615061055047254026118016836750283966478103987375361826198930529462261013324904522014804502582865716441828895047550041401172127129749969507853355531197814919603963664646220505672302543085959372679395717892060245461464861507164276442140407308832537707450729432224150754603518526288767105682399190438680085925078051459448618725871249563011864525585870188123725554411655044152994826056900502298772802133526591794328224932405680583757307064395792317383571866619582974377344736930271554160701478385763426091091686496788999588340419226785217028504684542197970387916262126278955278523452903043316452825738030645100271595942652498852506660789605846309602343932245435421425673058238785509280366229754404949219663043627431437755087855502139890639468481922788973821783957766433857773771229298328019250652625289700950165414584983487319078090573179470893450632419467111117341472
复制代码
2、解题方法
给出p, c, e, 而且p,q是循环生成的两个大素数,本身flag较短。利用公式

exp:
  1. import gmpy2
  2. from Crypto.Util.number import long_to_bytes
  3. e = 65537
  4. p = 24724324630507415330944861660078769085865178656494256140070836181271808964994457686409910764936630391300708451701526900994412268365698217113884698394658886249353179639767806926527103624836198494439742123128823109527320850165486500517304731554371680236789357527395416607541627295126502440202040826686102479225702795427693781581584928770373613126894936500089282093366117940069743670997994742595407158340397268147325612840109162997306902492023078425623839297511182053658542877738887677835528624045235391227122453939459585542485427063193993069301141720316104612551340923656979591045138487394366671477460626997125944456537
  5. c = 510345661718450375632304764819724223824018609359964259503762283253350010161515190912152623604019093266967095847334388281390406831587663253164256543905694021952211220652820225527413861208452760215767828927039893435528572148282529198773772864255061213208279999011194952146362748485103032149806538140693537361755210176698895104708379400806511907719904867068865970241208806615061055047254026118016836750283966478103987375361826198930529462261013324904522014804502582865716441828895047550041401172127129749969507853355531197814919603963664646220505672302543085959372679395717892060245461464861507164276442140407308832537707450729432224150754603518526288767105682399190438680085925078051459448618725871249563011864525585870188123725554411655044152994826056900502298772802133526591794328224932405680583757307064395792317383571866619582974377344736930271554160701478385763426091091686496788999588340419226785217028504684542197970387916262126278955278523452903043316452825738030645100271595942652498852506660789605846309602343932245435421425673058238785509280366229754404949219663043627431437755087855502139890639468481922788973821783957766433857773771229298328019250652625289700950165414584983487319078090573179470893450632419467111117341472
  6. c1 = gmpy2.powmod(c,1,p)
  7. #print(c1)
  8. c1 = 4051214058804479368392672378735549121098858914222376579437253801094236077441467676514581111652283758229424464184778957984747437311884228390302136410558148974712344908234510044660168367785415961415047536214954790311033443902257586441153728895997584348202577220497738797942324111995037096097268934053788741967582039722075276514285656939591558765835657643982917853435078915341605460540295941943954509346184797648297092833816943277070377424440376503265230008537496494495338735818373418662569818535110895085066183097198245782175273695234075807560220916970685214729061789487329680664087145876085675558053582127109983793698
  9. d1 = gmpy2.invert(e,(p-1))
  10. m = gmpy2.powmod(c1,d1,p)
  11. print(long_to_bytes(m))
  12. #SYC{Just_a_s1mple_modular_equation}
复制代码
OTPTwice

1、题目信息
  1. I invented a new symmetric cryptosystem, and I believe you will never break it!
复制代码
  1. from pwn import xor
  2. from os import urandom
  3. flag = b"SYC{Al3XEI_FAKE_FLAG}"
  5. # step0: key generation & distribution
  6. def s0(msg):
  7.     k1,k2 = [urandom(len(msg)) for _ in "__"]
  8.     return k1,k2
  10. #  
  12. # step1: Alice encrypt M, and send it to Bob
  13. def s1(msg,k1):
  14.     c1 = xor(msg,k1)
  15.     return c1
  17. # step2: Bob encrypt c1, and send it to Alice
  18. def s2(msg,k2):
  19.     c2 = xor(msg,k2)
  20.     return c2
  22. # step3: Alice decrypt c2, and send it to Bob.
  23. def s3(msg,k1):
  24.     c3 = xor(msg,k1)
  25.     return c3
  27. # step4: Bob decrypt c3, get M.
  28. def s4(msg,k2):
  29.     m_ = xor(msg,k2)
  30.     return m_
  33. def encrypt(msg,k1,k2):
  34.     c1 = s1(msg,k1)
  35.     c2 = s2(c1,k2)
  36.     c3 = s3(c2,k1)
  37.     m_ = s4(c3,k2)
  38.     assert msg == m_
  40. # Here's what hacker Eve got:
  41. def encrypt_(msg,k1,k2):
  42.     c1 = s1(msg,k1)
  43.     c2 = s2(c1,k2)
  44.     c3 = s3(c2,k1)
  45.     m_ = s4(c3,k2)
  46.     if HACK == True:
  47.         print(c1)
  48.         print(c2)
  49.         print(c3)
  52. k1,k2 = s0(flag)
  53. encrypt_(flag,k1,k2)
  55. '''
  56. b'\xdbi\xab\x8d\xfb0\xd3\xfe!\xf8Xpy\x80w\x8c\x87\xb9'
  57. b'o\xb0%\xfb\xdb\x0e\r\x04\xde\xd1\x9a\x08w\xda4\x0f\x0cR'
  58. b'\xe7\x80\xcd\ria\xb2\xca\x89\x1a\x9d;|#3\xf7\xbb\x96'
  59. '''
复制代码
2、解题方法
简单分析一下,异或、逆向思维,不难看出我们需要求出k1,k1就是我们的flag
exp:
  1. from pwn import xor  
  2. from os import urandom  
  3.   
  4. # 已知的消息和密钥  
  5. flag = b"SYC{Al3XEI_FAKE_FLAG}"  
  6. c1 = b'\xdbi\xab\x8d\xfb0\xd3\xfe!\xf8Xpy\x80w\x8c\x87\xb9'  
  7. c2 = b'o\xb0%\xfb\xdb\x0e\r\x04\xde\xd1\x9a\x08w\xda4\x0f\x0cR'  
  8. c3 = b'\xe7\x80\xcd\ria\xb2\xca\x89\x1a\x9d;|#3\xf7\xbb\x96'  
  9. m_ = flag  # 已知的原始消息  
  10.   
  11. # 将十六进制的加密消息转换为二进制  
  12. c1_bin = bytes.fromhex(c1.hex())  
  13. c2_bin = bytes.fromhex(c2.hex())  
  14. c3_bin = bytes.fromhex(c3.hex())  
  15.   
  16. # 使用XOR操作推导出密钥k1  
  17. k1 = xor(c2, c1)  # c2 = xor(c1, k1), 所以 k1 = xor(c2, c1)  
  18. k1 = xor(k1, c3)  # c3 = xor(c2, k1), 所以 k1 = xor(k1, c3)  
  19.   
  20. # 将二进制密钥转换为十六进制格式  
  21. k1_hex = k1.hex()  
  22.   
  23. print("推导出的密钥k1 (十六进制格式):", k1_hex)  
  24. print("推导出的密钥k1 :", k1)
复制代码
  1. 推导出的密钥k1 (十六进制格式): 5359437b495f6c3076335f4372797074307d
  2. 推导出的密钥k1 : b'SYC{I_l0v3_Crypt0}'
复制代码
OldAlgorithm

1、题目信息
  1. An old algorithm but widely used nowadays.
复制代码
  1. from Crypto.Util.number import *
  2. import os
  3. flag = b"SYC{Al3XEI_FAKE_FLAG}"
  5. pad = lambda msg,padlen: msg+os.urandom(padlen-len(msg))
  8. flag = pad(flag,32)
  9. print(len(flag))
  10. p = [getPrime(16) for _ in range(32)]
  11. c = [bytes_to_long(flag)%i for i in p]
  14. print('p=',p)
  15. print('c=',c)
  17. '''
  18. p= [58657, 47093, 47963, 41213, 57653, 56923, 41809, 49639, 44417, 38639, 39857, 53609, 55621, 41729, 60497, 44647, 39703, 55117, 44111, 57131, 37747, 63419, 63703, 64007, 46349, 39241, 39313, 44909, 40763, 46727, 34057, 56333]
  19. c= [36086, 4005, 3350, 23179, 34246, 5145, 32490, 16348, 13001, 13628, 7742, 46317, 50824, 23718, 32995, 7640, 10590, 46897, 39245, 16633, 31488, 36547, 42136, 52782, 31929, 34747, 29026, 18748, 6634, 9700, 8126, 5197]
  20. '''
复制代码
 一眼丁真,中国剩余定理。参考:中国剩余定理(孙子定理 / CRT)
exp:
参考文章里面脚本拿来直接用,sage跑出m即可。
  1. #sage
  2. #仅适用模两两互素
  3. def chinese_remainder(modulus, remainders):
  4.     Sum = 0
  5.     prod = reduce(lambda a, b: a*b, modulus)
  6.     for m_i, r_i in zip(modulus, remainders):
  7.         p = prod // m_i
  8.         Sum += r_i * (inverse_mod(p,m_i)*p)
  9.     return Sum % prod
  10. chinese_remainder([58657, 47093, 47963, 41213, 57653, 56923, 41809, 49639, 44417, 38639, 39857, 53609, 55621, 41729, 60497, 44647, 39703, 55117, 44111, 57131, 37747, 63419, 63703, 64007, 46349, 39241, 39313, 44909, 40763, 46727, 34057, 56333]
  11. ,[36086, 4005, 3350, 23179, 34246, 5145, 32490, 16348, 13001, 13628, 7742, 46317, 50824, 23718, 32995, 7640, 10590, 46897, 39245, 16633, 31488, 36547, 42136, 52782, 31929, 34747, 29026, 18748, 6634, 9700, 8126, 5197]
  12. )
  13. #37699681561344853433172597523387281471904607566697320008840601281159457436694
复制代码
  1. import gmpy2
  2. from Crypto.Util.number import long_to_bytes
  3. m = 37699681561344853433172597523387281471904607566697320008840601281159457436694
  4. print(long_to_bytes(m))
  5. #SYC{CRT_1s_s0_ju1cy!}
复制代码
easy_classic

1、题目信息
  1. 非常好套娃,使我的古典旋转
复制代码

2、解题方法
这个题感觉是最有意思的。。。每层都有提示和压缩包,需要逐步分析每层,而且提示文件并没给出具体是什么密码
这就单纯考察我们对古典密码的熟练程度了。。。一 一 破解吧。哎!!!古典。
第一步:凯撒密码
  1. udzeojxuwqcu
复制代码

第二步:W型栏栅
  1. ialhhooavtepcyr
复制代码
随波逐流工具解得
  1. 分为7栏时,解密结果为:ilovecryptohaha
复制代码
第三步:base64
  1. 5a6H5a6Z5LiH5rOV55qE6YKj5Liq5rqQ5aS0
复制代码
 
第四步:熊曰
  1. 熊曰:呋食食食取噗山笨笨破嗄咯哈動嗡雜類嗒嘿啽沒歡破吖咬我啽寶盜噔咯沒
复制代码

第五步:base100+普莱菲尔密码
[code]password: adltlfltqrcykey:
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?立即注册

x
回复

使用道具 举报

0 个回复

正序浏览
返回列表

快速回复

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 or 立即注册

本版积分规则

灌篮少年

金牌会员
这个人很懒什么都没写!

楼主热帖

标签云

挺好的 服务器
微信订阅号
微信服务号
微信客服
小程序
H5
关于我们 商务合作 网站地图
©Copyright 2022-2024 杭州祥升科技有限公司 版权所有 浙ICP备20004199号
快速回复 返回顶部 返回列表